CVE-2014-9027 Information

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDSL 831CII allow remote attackers to hijack the authentication of administrators for requests that disable modem lan ports via the (1) enblftp (2) enblhttp (3) enblsnmp (4) enbltelnet (5) enbltftp (6) enblicmp or (7) enblssh parameter to accesslocal.cmd.

Reference

http://packetstormsecurity.com/files/129041 https://exchange.xforce.ibmcloud.com/vulnerabilities/98590